iptables is a mechanism in the Linux kernel for port forwarding, NAT, firewalls, etc. On Linux distros such as Fedora, iptables is configured by default as a “strict” firewall that opens only a limited set of known ports, such as 22 for SSH. However, in some network environments, such as a private cluster, the nodes are trusted and firewalls are usually not needed. We may flush the default iptables rules so that all connections are accepted, and then add rules as needed. This post shows how to flush the iptables rules added by default on Fedora. This should also work on RHEL, CentOS, etc.
Flush rules in the filter table (the default table, which holds the INPUT, FORWARD and OUTPUT chains). Note that -F removes rules only and leaves each chain's default policy unchanged.
# iptables -F
Flush rules in the NAT table
# iptables -t nat -F
The changes above only affect the in-memory state of iptables in the kernel. Linux restores the rules from a file stored on disk when it boots, so to make the changes “permanent” across reboots, we should also write them to the file used for restoring the rules.
Save the rules to the file
# cp /etc/sysconfig/iptables /etc/sysconfig/iptables.bak # backing up before changing is a good habit
# iptables-save > /etc/sysconfig/iptables
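
A check for the result of the steps above, as an added example that is not part of the original post: it reads an iptables-save dump and reports anything that would still filter traffic, including a non-ACCEPT chain policy, which -F does not reset. The function name and the sample dumps are constructed for illustration.

```shell
# Added example: audit an iptables-save dump read from stdin. Returns 0 only
# if no "-A" rules remain and every built-in chain policy is ACCEPT.
audit_ruleset() {
    awk '
        /^\*/ { table = substr($0, 2); next }       # "*filter", "*nat"
        /^:/  {                                     # ":INPUT DROP [0:0]"
            # user-defined chains have policy "-"; only built-ins count
            if ($2 != "-" && $2 != "ACCEPT") {
                printf "%s %s: policy %s is not reset by -F\n", table, substr($1, 2), $2
                bad = 1
            }
            next
        }
        /^-A / { printf "%s: rule still present: %s\n", table, $0; bad = 1 }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: a Fedora-style default ruleset before flushing.
sample_default() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
# Constructed sample: rules flushed, but the INPUT policy is DROP.
sample_flushed_drop() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}
# Constructed sample: what the saved file should look like after the flush.
sample_flushed() { sample_flushed_drop | sed 's/^:INPUT DROP/:INPUT ACCEPT/'; }

for s in sample_default sample_flushed_drop sample_flushed; do
    echo "== $s"; $s | audit_ruleset && echo "accepts all traffic"
done
```

On a real host, feed it the saved file or the live state: `audit_ruleset < /etc/sysconfig/iptables` or `iptables-save | audit_ruleset`.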